analysis of vulnerabilities

Similar Questions

• Locking options down PowerConnect 5524 after analysis of vulnerabilities

  Hello

  After a recent vulnerability scan with BeyondTrust Retina, our PC 5524 hits showed as:

  Medium	10890	Web resources/cgi-bin / detected
  Medium	10898	Web resources detected /cgi-bin/index.jsp::$DATA
  Medium	10907	Web resources detected /cgi-bin/jsp/index.jsp::$DATA
  Medium	10930	Resource Web/demo /... /%3F.jsp detected
  Medium	10942	Resource Web/demo /... /index.jsp: $Data detected
  Medium	10953	Resource Web/demo /... /jsp/index.jsp::$Data detected
  Medium	10871	/Index.jsp: $DATA detected Web resources
  Medium	10885	Web resources detected /jsp/index.jsp::$DATA
  Medium	10910	Web resources detected /scripts/%3f.jsp
  Medium	10919	Web resources detected /scripts/index.jsp::$DATA
  Medium	10926	Web resources detected /scripts/jsp/index.jsp::$DATA

  Not to mention that the disabling of the web interface, is possible to block access to these directories?

  Thank you.

  I'm not aware so as to lock the access to these directories. Have you tried to disable HTTP and HTTPS enabling? Then, run the same scan and see if the result is the same.

  You could try a firmware update. There are a few security enhancements in the latest firmware.

  http://Dell.to/1KG1TZe

  If it is a must to disable the web interface, the switch that can be fully managed through the CLI.

• Result of vulnerability analysis shows Sun Java JDK / JRE / SDK Multiple Vulnerabilities

  Analysis of vulnerabilities by Kaspersky Anti Virus showed Sun Java JDK / JRE / SDK Multiple vulnerabilities in my laptop Vista Home Basic 32-bit computer. Looking for solutions for

  In Kaspersky, if you click on the little details, it will bring up a full description of the possibility. It may look technically daunting, but generally if you scroll down there is a statement of how to fix the vulnerability. In most cases, it simply means updated the web browser plugin or program. In your case, it may simply mean Java update by visiting www.java.com and get the free update.

  Note that a vulnerability detected is not to say that your PC is infected with malware. It simply means that a security breach has been detected that could potentially be exploited by a person in certain circumstances.

• It is recommended to have a vulnerability for Cisco ASA device scan.

  Dear everybody.

  I have a doubt about the analysis of vulnerabilities for Cisco ASA device. Currently we have a vulnerability to network devices include firewalls. But after race for cisco ASA vulnerability scanning, found nothing in the analysis report.

  Is it is recommended to have a Cisco ASA vulnerability scanning and it will defeat the purpose of the firewall?

  I do not understand you ask you can set the ASA to allow an external user, run an analysis on the internal network?

  If so the answer is generally no. The ASA, by default, not allow incoming connections (or attempts of connections) that are not explicitly allowed in a list of inbound access (applied to the external interface). In most cases there should also be (NAT) network address translation rules configured.

  If you had a remote access VPN, you can allow external scanner to connect through that, then they would have the necessary access to analyze internal systems (assuming that allowed VPN access to all internal networks)

• Help, please! Microsoft Vs Cisco VPN Client VPN

  Could someone please indicate if the Cisco VPN Client is safer than the VPN integrated Microsoft on windows XP? If the Cisco client is more secure than why? Microsoft it does not use IPSEC and PPTP right?

  Please advise - very urgent!

  I don't know a customer Cisco Cisco VPN concentrator is safer, but I'm not sure exactly why.

  Carlton,

  Take a deeper look at the same time, all your questions will be answered once you look at these links.

  IPSec is a Cisco VPN standard, open customer or any customer VPN IPSec based should meet these standards. You'll learn more by reading these few bellow of links at the end of the reading you will be to have a better

  perspective on the customer you would gear more to use as a professional network.

  Personally, I've been away little by little PPTP and substituting Cisco VPN clients. Don't get me wrong, PPTP is still widely used there, but it is more vulnerable.

  With Ipsec VPN, you have a wider choice of authentication algorithms, to base

  granularity of ciphers as a way to implement a secure VPN extreamely for RA architecture

  Introduction to IPsec

  http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_tech_note09186a0080094203.shtml

  Introduction to PPTP/L2TP

  http://www.Clavister.com/manuals/ver8.6x/manual/VPN/pptp_basics.htm

  Analysis of vulnerabilities and implementation MS PPTP

  http://www.Schneier.com/paper-PPTP.html

  http://www.Schneier.com/paper-PPTP.PDF

  Alternative workaround to use client MS using L2TP over Ipsec

  http://www.Cisco.com/en/us/products/HW/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

  In addition, you can do a google search on "hacking PPTP" or "Ipsec" to preview more vulnerabilities.

  Rgds

  Jorge

• NAC v 4.1.1 and issuance of Nessus

  Dear Sir/Madam,

  I'm trying to set up analysis of vulnerabilities in network security controls, I am already registered for Nessus 2.2 http://www.nessus.org/plugins/index.php?view=registerplugins. and downloaded the free plugin downloaded then the CAM, I received the message says "result: Upload successful", but under the Plugins tab, I couldn't find anything in the menu plugins to show.

  all of the suggestions!

  Kind regards

  Hello.

  Please, try to rename the file to plugins.tar.gz (instead of plugin.tar.gz) plugins and download it again.

  Please let me know if that helps.

  -Joe

• Security reviews, pilots invited and vulnerability mitigation

  Hello people,

  I'm looking at an interesting dilemma about the security team on our build VMGuest. 4.1 operating u2 a mixture of 2003r2sp2 and 2008r2sp1 quests were running v7 hardware and tools generation v 8.3.12 493255. A recent analysis identified vulnerabilities native driver e1000 used with tools like a medium level threat http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6385 .

  I've always learned in best practices to use the version of the tools of the pilots and not to ever use hardware drivers due to problems of "compatibility".

  
  Now my question is.... is - it now practice common to patch virtual hosts with driver updates from the manufacturer of the card emulated in place of just using the native driver sets and vmware tools?

  
  I've seen the occasional post that says no don't... but seemingly dated information.

  
  If it is not the case then that means factoring in a pilot of more recent material to the model generation or possibly opt for help vmxnet3 drivers for windows based clients.

  I can do one of 3 things here:

  (a) other challenge security on the VMWare compatibility basis then find documentation to support
  (b) replace the drivers with updated material basis of pilots made Intel
  (c) avoid the question entirely? and potentially use s vmxnet3

  I'm just getting up VUM who will however host-based updates the patched for windows guest will be managed by a third-party tool

  Any thoughts on this matter would be appreciated

  Thank you very much

  Hello

  Since the e1000 driver is Microsoft (or as much as Microsoft gets this driver), you should patch this driver with a Microsoft. If there is a vulnerability you should go first to the guest operating system vendor. If they direct you to a provider of material then you should watch other requirements at the hardware level before continuing.

  Given that VMware Tools does not replace the existing drivers, it is up to you to patch the operating system invited as your do normally.

  Perspective of VMware, is that you SHOULD use VMXNET drivers as it improves over all performance.

  But for the most part this vulnerability in the operating system and should be corrected accordingly.

  Best regards
  Edward L. Haletky
  VMware communities user moderator, VMware vExpert 2009, 2010, 2011, 2012

  Author of the books ' VMWare ESX and ESXi in the business: Planning Server Virtualization Deployment, Copyright 2011 Pearson Education. ' Of VMware VSphere and Virtual Infrastructure Security: securing the virtual environment ', Copyright 2009 Pearson Education.
  vSphere Upgrade Saga - virtualization security Table round Podcast

• I thought that the pc has a lot of files unwanted ex slows down the pc in the last cheq; ther have been more than 1,000 falts so if that is the case why a analysis of microsoft found them and fixd them

  my pc is very slow, it has furms there who announced for pc free cleen upward but thay are not free; There it scans shows on a PC ther 1000 falts. but I have the safety of microsoft in effect on my pc; ISS so it effective I have all thise things slow down my pc and if so why hasent microsoft stopt them or found on sound analysis;

  Many of these products are all fear-mongering, especially products registry cleaner that allows to identify errors in call charges so much. These registry errors make little or no difference in performance of your computer. Without discernment of cleaning the registry can cause your computer problems including programs works only or the computer does not start. Registry cleaners don't consider as a panacea for your computer problems. If you have a specific problem, are looking for a specific answer. People in these forums will be happy to help you.

  For Windows XP, I would follow the advice in this article:

  How to make a computer faster: 6 ways to speed up your PC

  who is simple and generally of course. Even in this case, make sure you have a current backup of your valuable data.

  Microsoft Security Essentials is an anti-virus program only - it is not designed to find related errors other than viruses and vulnerabilities on your PC.

• Anyone know what's going on I get the message "Vista Security 2012 Alert" with a so-called analysis showing viruses and malware and asking if I want to get protected by buying something?

  Help! This alert keeps popping up every few minutes and I don't know if it's true or what. It was apparently something 'Vista Security 2011' malicious who has toured before (I have never seen this).

  Hello

  read below for information on what it is and how to remove it

  It changes its name, but it's the same Malware program

  Win 7 Antispyware 2012, 2012 Antivirus Vistaand XP Security 2012 are all names for the same fake anti-spyware. This family of thieves is promoted in two ways. The first is to use antivirus scanners online fake state that your computer is infected and then prompt you to download a file that will install the infection. The other method are pirated web sites that attempt to exploit vulnerabilities in programs that you run on your computer to install the infection without your knowledge or permission. No matter how it is installed, as soon as it runs on your computer it will install as a variety of names in different programs and graphical interfaces depending on the version of Windows that is running. Whatever the name, however, they all end the same program with just a different skin to this topic. This rogue is going to program different names, one of which I have listed below based on the version of Windows that is installed on:

  Windows XP rogue name	Name of Rogue Windows Vista	Windows 7 Rogue name
  XP Antispyware 2012	Vista Antispyware 2012	Win 7 Antispyware 2012
  XP Antivirus 2012	Vista Antivirus 2012	Win 7 Antivirus 2012
  XP Security 2012	Vista Security 2012	Win 7 Security 2012
  XP Home Security 2012	Vista Home Security 2012	Win 7 Home Security 2012
  XP Internet Security 2012	Vista Internet Security 2012	Win 7 Internet Security 2012

  Follow the exact deletion on the link below

  http://www.bleepingcomputer.com/virus-removal/remove-win-7-AntiSpyware-2012

  __________________________________________________________

  Here are all the other different names associated with

  these rogue program names belong to a type of malware using different names but producing the same results

  Read this information too

  Vista anti-virus 2011, Vista Total Security 2011, Win 7 Home Security and include some of the names by a rogue new name change randomly to settle on the victim's computer.  When this particular rogue is installed, it will install as a variety of names in different programs, with each having their own graphical user interface according to the version of Windows running on the computer. Whatever the name, however, they are all the same exact program with just a different name and skin on this subject. This rogue goes by many names in different programs, of which I have listed below depending on the version of Windows that is installed on:

  Windows XP rogue names	Names of Windows Vista Rogue	Windows 7 fake names
  XP Antivirus	Vista anti-virus	Win 7 antivirus
  XP Antivirus 2011	Vista anti-virus 2011	Win 7 anti-virus 2011
  XP Anti-Spyware	Vista Anti-Spyware	Win 7 AntiSpyware
  XP Antispyware 2011	Vista Antispyware 2011	Win 7 antispyware 2011
  XP Home Security	Vista Home Security	Win 7 Home Security
  XP Security 2011 Home	Vista Security 2011 Home	Win 7 Security 2011 Home
  XP Total Security	Vista Total Security	Win 7 Security Total
  XP Security 2011 Total	Vista Total Security 2011	Win 7 Security 2011 Total
  XP security	Vista security	Win 7 Security
  XP security 2011	Vista Security 2011	Win 7 Security 2011
  XP Internet Security	Vista Internet Security	Win 7 Internet Security
  XP Internet Security 2011	Vista Internet Security 2011	Win 7 Internet Security 2011

  http://www.bleepingcomputer.com/virus-removal/remove-win-7-Internet-Security-2011

  ________________________________________________________________________

  Here are the same false warnings that you get from them varients 2011 and 2012

  nothing has changed; just their names

  System danger!
  Your security system is in danger. Threats to privacy detected. Spyware, recorders of striking or Trojan horses may work the bottom right now. A comprehensive analysis and the withdrawal now, click here.

  Misuse of the system!
  System security threat has been detected. Virus or spyware can be detrimental in your system now. Prevent infection and data loss or stealing by running a free security scan.

  Private life threatening!
  Spyware intrusion detected. Your system is infected. The integrity of the system is at risk. Private data can be stolen by third parties, including passwords and credit card Details . Click here to perform a repair of the security.

  Stealth intrusion!
  Infection detected in the background. Your computer is now attacked by spyware and rogue software. Eliminate the infection safely, perform an analysis of security and deleting now.

  \

  Follow the removal instructions that are provided

• BlackBerry App BlackBerry App analysis of vulnerability

  Hello

  I'm looking for a way to perform an analysis of the vulnerability on the applications of the BlackBerry World public.

  Currently, we use a variety of tools including NowSecure Lab (for ios and android) to analyize of specific applications for security vulnerabilities that are present.  This includes the binary app static analysis and dynamic analysis of the application running on the device.

  Is there a similar tool to the NowSecure laboratory which can be used for applications BlackBerry World?

  Thank you

  Change Yes I know app BlackBerry vetting of treatment with the help of guardian and their relationship with Trend Micro.

  Two copies. Please see here: http://supportforums.blackberry.com/t5/BlackBerry-World-Development/BlackBerry-App-Vulnerability-Ana...

• Phot of problem analysis

  Hello

  I have a problem with the app photo with Sierra.

  I 107755 pictures. the analysis of people started

  but he remains arrested with 519 photos

  I tried to fix the bookstore. restart analysis but still stuck to 519 phoos.

  Does anyone have the same problem and a solution?

  Thank you

  Thomas

  How long it has been blocked? You have a very large library so I keep the Mac awake and fed and the Photos doesn't work does not and give him a few days - usually messing slows it rather than speeding it and is a 'restart Yvert"command

  lN

• I can't save analyses after you download Sierra OAS

  I can't save analyses after you download Sierra OAS.

  The "Save" button is grayed out?

  Hello 2014anthony1,

  Thank you for using communities of Apple Support.

  I see that you can not save scans after updating to Mac OS Sierra. I would make sure I can save analysis too, I do a lot of scanning on my Mac. Let's work together and get this problem is resolved.

  I suggest to use macOS Sierra: update or change the printer software, more precisely, that these sections:
  
  

  Most printers are compatible with Mac OS. When you add a printer, Mac OS automatically uses AirPrint to connect to the printer or the printer software downloads (also called a printer driver).

  If you can not use a printer that is already added, or you see not the options you want in the print dialog box, you can add the printer again with different or software to print settings different.

  Add your printer with different parameters

  1. Choose the Apple menu > System Preferences, and then click Printers and scanners.

  2. Select your printer from the list, and then click the button Delete .

  3. Click on the button Add and if a context menu appears, choose Add a printer or a Scanner.

     A dialog box is displayed that lists all Hello, IP, printers directory shared, and open on your local network. It may take a minute or two for your printer to appear.

  4. Select your printer, when it appears in the list, and then do one of the following:

     • Use AirPrint: Click on the drop down menu, then choose AirPrint (or Secure AirPrint). If AirPrint is not on the shortcut menu, the printer does not support it.

     • Use a printer software installed on your Mac or downloaded from Apple: Click on the drop down menu, then choose Select software.

     • The software to print a file on your Mac: Click on the dropdown menu, then select other. Select the file, and then click Add.

  Update your printing software

  If your printer is not how to use AirPrint, you can use Software Update to download the latest version of the software. If you don't do this, you see a message that software is not available when you connect your printer.

  • Choose the Apple menu > App Store, and then click updates.

    Install the software updates that are listed for your printer.

  • If the software for your printer is not available using the software update, you can contact the manufacturer for more information. Maybe it's that your printer is not compatible with Mac OS. To check, see the article Apple Support printer and scanner software available for download.

  If you install the printing software you don't have Apple, printing software can not be updated automatically when you use the software update.

  Let us know if that helps. We'll help you get through this.

  All the best!

• BLOCK the POPUP is supposed to stop some analyses online.  How to kill my popup block?

  BLOCK the POPUP is supposed to stop some analyses online.  How to kill my popup block?

  < email published by host >

  Safari > Preferences > Security > Web content:

  Uncheck "block pop-up windows".

  

• iOS 10 bed - sleep analysis does not

  I use the new feature in iOS 10. The first night, he showed me a graphic analysis of sleep. But every other night, the alarm sleep wake up properly but there is no data from the analysis of sleep. The days are just empty.

  I did disable the feature or did something else to change the settings. It is simply not show me how long I slept.

  It is a disappointment - I was really looking forward to this feature. Anyone else having this problem, or am I missing something?

  I wonder also how works the time of sunset. How she not analysis sleep? With the right movement? Should it be on my bed, or can it be on my bedside table? How this compares to an application like sleep work? I use for several months now, and it looks even better that bed IOS. Sleep wake me according to my cycle light sleeper, or only at the time, I put?

• My MacBook 12 regularly gets an analysis of needs of Unix executable file names in her basket

  My MacBook 12 regularly gets a Unix executable file named 'needsanalysis' in his trash. Anyone have any idea why? What is it? What can I do to stop what is happening?

  I have two laptops on a an environment MBA 2011 and a 2016 MB and it happens on the latter. Both are on OSX 10.11.6

  Thank you, Colin.

  The executable "unix" just means that it doesn't have an extension for the operating system is not what it is. In addition, the executable bits are defined, so it may have been a case, but this info was lost, too.

  Do you run all software anti-virus on them? I don't know what else would generate something that "needs analysis".